1c23e8cc65f7d2e330f3b4021ef691397beda36b6ab9cba7bea091b0b6f30565 | Triage

Sharing

General

Target

d144476b01957ac7285fb62b7b523bf1_JaffaCakes118
Size

359KB
Sample

240907-g27hesyfmq
MD5

d144476b01957ac7285fb62b7b523bf1
SHA1

f3aac09f7d5aad72e9bd9425938f2d54296485ac
SHA256

1c23e8cc65f7d2e330f3b4021ef691397beda36b6ab9cba7bea091b0b6f30565
SHA512

76983b504b7dc3b5d936779eb4b885ac977a8610a67a4bba101b69fa96ec0ee67fcfc90b7b4683b59d066d9a2e4b40c86979f3a460ed84815919cfec635d2f30
SSDEEP

6144:Dsx14kisIsaL0g8zDLtQWemKgCcYFvB0J4FTlAs1XJqkhD6NZzrC:gUsIp01zXGRoYFp243TXJrhD6NZz2

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  d144476b01957ac7285fb62b7b523bf1_JaffaCakes118
- Size
  
  359KB
- MD5
  
  d144476b01957ac7285fb62b7b523bf1
- SHA1
  
  f3aac09f7d5aad72e9bd9425938f2d54296485ac
- SHA256
  
  1c23e8cc65f7d2e330f3b4021ef691397beda36b6ab9cba7bea091b0b6f30565
- SHA512
  
  76983b504b7dc3b5d936779eb4b885ac977a8610a67a4bba101b69fa96ec0ee67fcfc90b7b4683b59d066d9a2e4b40c86979f3a460ed84815919cfec635d2f30
- SSDEEP
  
  6144:Dsx14kisIsaL0g8zDLtQWemKgCcYFvB0J4FTlAs1XJqkhD6NZzrC:gUsIp01zXGRoYFp243TXJrhD6NZz2
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AskSearchAsst.exe
- Size
  
  168KB
- MD5
  
  b1b571e9f1c9078c57774f1d059f800b
- SHA1
  
  9d60fe104e2eefcec6f0bfdc32dd92d1e9afd72b
- SHA256
  
  218d7ea77b068b105fb07e82d51f76365cd8d28327cd72f6ca9a90c0fc6f66bf
- SHA512
  
  237fdbed017bbd2ea4abbdab208931377cfc8f26cd44156f3972b0c66391107faac9634318674600e67335847cfe5f0a3bece81e9e3c79beb1f12fcf18eccd45
- SSDEEP
  
  3072:SYL0xqfjyDymJRbB4EoJ+YbAEhO5EBqodxm/yejgzWhhYGZHEj:SoB4BhokYUEwGBqodxqyogihYG6j
Score

7^/10

discovery
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0285eac59530ff5cc91fe2634b4ed78e
- SHA1
  
  241c12aefca0740e776362f30aa1edffd66d6bdc
- SHA256
  
  44c822afaa4cc7cb95390eaa0ada076d280d3455870569f0cde03637257d9899
- SHA512
  
  1007fbfb82d4e6c04bd5fefb32cd81f4406022ceef4d409eda0f0ddeb8b1f124a2baec86498bc119778e0c241fc41b0c2440d8a8f6731a63ede936be94f81297
- SSDEEP
  
  192:8nK6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTgK72dwF7dBEnbok:8K6UdHXcIiY535zBtMTg+BEnbo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/LogEx.dll
- Size
  
  44KB
- MD5
  
  f76acc04f2978a3877cc71e484da5dd3
- SHA1
  
  6132b886481a8e0cbc5201f3437041acda3a95a2
- SHA256
  
  069c7013fab2b54660bbc77a107ab02c60584dfd371edd1c9d833cd004a35fa6
- SHA512
  
  3810f1ae41706d2db04c1537a252de32f0f73de626f45b2f7195d05a2fdb4dd42dc8b88e9a2ece6283b71866e68c606463032f7de9c2629b95c918dcb6e83f2e
- SSDEEP
  
  768:LTUBX68uTLkegRKIBNwzBPYFgWZDomw4cy:LTODuTLqRKlBgqMox+
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  68edaafef887c72f0d85d4d64b6cbf52
- SHA1
  
  77c1fb3301d6eea2e882bc387af1a017678c58da
- SHA256
  
  7d8ce82f2b89f544ed90cc8febfcfa57b32d2c8600bb77f79bc8d8980f0f7477
- SHA512
  
  e1e6b45fd47553d8e72cf15faa8572d6cf3f0a5495a34f7cb63a2307502282e69d482db42f8a760feaa890a0dc9539e9661fea8179e4d6e18e1c90092b06d4b9
- SSDEEP
  
  192:GDKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQbHSF:GViJrtFRdbmXK8+WHw
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  6e19727f285dc3cf837e3ac855163c91
- SHA1
  
  bdcd7132f6530818ff899002dc2c1dbaebcef9c3
- SHA256
  
  e3a5ddc9a085af0b964960dbd67362319bc0582a6e972185536822934d6833c7
- SHA512
  
  b66c90490123e7dea9afcb157150d9d7278b67a6371a4cb203b319871627bc31a38b503308bf061201d85abbe52d469b7debc31e33f3b7875256637177450591
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/md5dll.dll
- Size
  
  8KB
- MD5
  
  a7d710e78711d5ab90e4792763241754
- SHA1
  
  f31cecd926c5d497aba163a17b75975ec34beb13
- SHA256
  
  9b05dd603f13c196f3f21c43f48834208fed2294f7090fcd1334931014611fb2
- SHA512
  
  f0ca2d6f9a8aeac84ef8b051154a041adffc46e3e9aced142e9c7bf5f7272b047e1db421d38cb2d9182d7442bee3dd806618b019ec042a23ae0e71671d2943c0
- SSDEEP
  
  96:YV2qpbvYSflug0Dvxn6GuKM9sh1gdrN9+oB7FT9WibOoBZcko5N/:Yt5lugRK8hlvbwkKV
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/time.dll
- Size
  
  10KB
- MD5
  
  38977533750fe69979b2c2ac801f96e6
- SHA1
  
  74643c30cda909e649722ed0c7f267903558e92a
- SHA256
  
  b4a95a455e53372c59f91bc1b5fb9e5c8e4a10a506fa04aaf7be27048b30ae35
- SHA512
  
  e17069395ad4a17e24f7cd3c532670d40244bd5ae3887c82e3b2e4a68c250cd55e2d8b329d6ff0e2d758955ab7470534e6307779e49fe331c1fd2242ea73fd53
- SSDEEP
  
  192:oNcwTweFbs9t2n2Sgiga65/aHdaGZavaJIYX4Hw2:oNcwBFg22SEw47CPU
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  uninst.exe
- Size
  
  97KB
- MD5
  
  4d6600cbaead3a7a961a12d737d1d99f
- SHA1
  
  fbc5d33946f07ad2479bedfbe04645736187ffe9
- SHA256
  
  cb967f03ab5e8b6e7c9898e57cd43250ab66a9233b47419993b3985cc3376953
- SHA512
  
  be5e95d4adbf4d9a41c8cf5b763aebe088354f4529a3a7761af7ea094deaa5b0386474b55b37a8a22db6f7f4ea33aadfe3cf467e1ae14c359b7dfd8120615310
- SSDEEP
  
  1536:kxY+TZkz1GxGTff7MbS0DymJ5AyiNSLn1v+YbCcOmqphxRKhQBdTFQe3X:SYL0xqfjyDymJRxnp+YbAEhOuEX
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/LogEx.dll
- Size
  
  44KB
- MD5
  
  f76acc04f2978a3877cc71e484da5dd3
- SHA1
  
  6132b886481a8e0cbc5201f3437041acda3a95a2
- SHA256
  
  069c7013fab2b54660bbc77a107ab02c60584dfd371edd1c9d833cd004a35fa6
- SHA512
  
  3810f1ae41706d2db04c1537a252de32f0f73de626f45b2f7195d05a2fdb4dd42dc8b88e9a2ece6283b71866e68c606463032f7de9c2629b95c918dcb6e83f2e
- SSDEEP
  
  768:LTUBX68uTLkegRKIBNwzBPYFgWZDomw4cy:LTODuTLqRKlBgqMox+
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  68edaafef887c72f0d85d4d64b6cbf52
- SHA1
  
  77c1fb3301d6eea2e882bc387af1a017678c58da
- SHA256
  
  7d8ce82f2b89f544ed90cc8febfcfa57b32d2c8600bb77f79bc8d8980f0f7477
- SHA512
  
  e1e6b45fd47553d8e72cf15faa8572d6cf3f0a5495a34f7cb63a2307502282e69d482db42f8a760feaa890a0dc9539e9661fea8179e4d6e18e1c90092b06d4b9
- SSDEEP
  
  192:GDKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQbHSF:GViJrtFRdbmXK8+WHw
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/md5dll.dll
- Size
  
  8KB
- MD5
  
  a7d710e78711d5ab90e4792763241754
- SHA1
  
  f31cecd926c5d497aba163a17b75975ec34beb13
- SHA256
  
  9b05dd603f13c196f3f21c43f48834208fed2294f7090fcd1334931014611fb2
- SHA512
  
  f0ca2d6f9a8aeac84ef8b051154a041adffc46e3e9aced142e9c7bf5f7272b047e1db421d38cb2d9182d7442bee3dd806618b019ec042a23ae0e71671d2943c0
- SSDEEP
  
  96:YV2qpbvYSflug0Dvxn6GuKM9sh1gdrN9+oB7FT9WibOoBZcko5N/:Yt5lugRK8hlvbwkKV
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/time.dll
- Size
  
  10KB
- MD5
  
  38977533750fe69979b2c2ac801f96e6
- SHA1
  
  74643c30cda909e649722ed0c7f267903558e92a
- SHA256
  
  b4a95a455e53372c59f91bc1b5fb9e5c8e4a10a506fa04aaf7be27048b30ae35
- SHA512
  
  e17069395ad4a17e24f7cd3c532670d40244bd5ae3887c82e3b2e4a68c250cd55e2d8b329d6ff0e2d758955ab7470534e6307779e49fe331c1fd2242ea73fd53
- SSDEEP
  
  192:oNcwTweFbs9t2n2Sgiga65/aHdaGZavaJIYX4Hw2:oNcwBFg22SEw47CPU
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/GetVersion.dll
- Size
  
  6KB
- MD5
  
  5264f7d6d89d1dc04955cfb391798446
- SHA1
  
  211d8d3e7c2b2f57f54a11cb8bc4fa536df08acc
- SHA256
  
  7d76c7dd8f7cd5a87e0118dacb434db3971a049501e22a5f4b947154621ab3d4
- SHA512
  
  80d27ee2f87e2822bd5c8c55cc3d1e49beebb86d8557c92b52b7cbea9f27882d80e59eefa25e414eecee268a9a6193b6b50b748de33c778b007cde24ef8bcfb7
- SSDEEP
  
  96:E12Z84uiwpGTVTDSpaHYfniz0R3GhCvXY6Ix5vdR7pBi46AQ5Vu4:2STVTGwYhR3GhCvy5vH7pBi46AQ5Vu
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32